<?php include("includes/startPage.php"); checkLogin(0); ?>
<?php
    //If this is recieved from the logon form
    if (isset($_POST['loginSubmit']))
    {	
	$cleanUsername = mysql_escape_string($_POST['username']); //Clean the username
	$hashedPassword = md5($_POST['password']); //Hash the plaintext password
	
	$isValidUser = ns_dao_user::authenticateUser($cleanUsername, $hashedPassword);
	if ($isValidUser == ns_dao_user::$AUTH_OK)
	{
            $userData = ns_dao_user::UserByUsername($cleanUsername);
            $_SESSION['username'] = $userData->Username();
            $_SESSION['userLevel'] = $userData->UserLevel();            
	} else {
            unset($_SESSION['username']);
        }
    }

    header("Location: index.php");
    /*
    logger::text("login marker 1 isValidUser = $isValidUser ");
    $tempUser = ns_dao_user::UserByUsername($cleanUsername);
    if (is_null($tempUser))
    logger::text("login marker 2");
    $_SESSION['username'] = $tempUser->Username();
    logger::text("login marker 3");
    $_SESSION['userLevel'] = $tempUser->UserLevel();
    logger::text("login marker 4");
    */
?>

